Home » HP Manuals » Servers » HP Brocade 8/12c » Manual Viewer

HP Brocade 8/12c Brocade Fabric OS Documentation Updates - Supporting Fabric O - Page 20

cryptoCfg, fruReplace, cryptocfg - -reg -KAClogin, reg -KAClogin, show groupcfg, TEMS, or TKLM

Add to My Manuals
Save this manual to your list of manuals

Page 20 highlights

4 cryptoCfg cryptoCfg On page 159, modify the description of the cryptocfg - -reg -KAClogin parameter as shown and add the example in the example section: --reg -KAClogin Registers the node KAC login credentials (username and password) with the configured key vaults. This command is valid for the Thales nCipher (TEMS), the HP SKM, and the TKLM key vaults. This command must be run on each member node. For key vault configuration procedures, refer to the Fabric OS Encryption Administrator's Guide for your specific key vault product. On page 165, add the TKLM key vault to the set of key vaults displayed by the --show groupcfg command. The NCKA key vault is now referred to as TEMS and should be updated in all places where the NCKA key vault is mentioned. Use the --show -groupcfg command to display encryption group and member configuration parameters, including the following parameters: • Encryption group name: user-defined label • Encryption group policies: - Failback mode: Auto or Manual - Replication mode: Enabled or Disabled - Heartbeat misses: numeric value - Heartbeat timeout: value in seconds - Key Vault Type: LKM, RKM, SKM, TEMS, or TKLM. - System Card: Disabled or Enabled • • For each configured key vault, primary and secondary, the command shows: - IP address: The key vault IP address - Certificate ID: the key vault certificate name - State: connected, disconnected, up, authentication failure, or unknown. - Type: LKM, RKM, SKM, TEMS, or TKLM fruReplace On Page 173, replace the example for exporting the master key with the example shown: To export the master key to the RKM key vault: SecurityAdmin:switch> cryptocfg --exportmasterkey Enter passphrase:******* Confirm passphrase:******* Master key exported. Master Key ID: 11:95:82:cd:80:88:41:31:42:dd:c3:5f:d0:a7:95:55 Exported Key ID: 11:95:82:cd:80:88:41:31:42:dd:c3:5f:d0:a7:95:56 This command is no longer supported as of Fabric OS v7.0.0. Refer to the WWN Card Remove and Replace Procedure (53-1000832-05) for information on how to replace a WWN card without this command. 10 Fabric OS Documentation Updates 53-1002165-05

Section	Page
Contents	3
About This Document	7
In this chapter	7
How this document is organized	7
What’s new in this document	8
Brocade Resources	9
Document feedback	9
Access Gateway Administrator’s Guide	11
In this chapter	11
Documentation updates for Fabric OS v7.0.0 and later	11
Chapter 2, Configuring Ports in Access Gateway Mode	11
CEE Command Reference	13
In this chapter	13
Documentation updates for Fabric OS v7.0.0 and later	13
Fabric OS Administrator’s Guide	15
In this chapter	15
Documentation updates for Fabric OS v7.0.0 and later	15
Chapter 22, Managing Long Distance Fabrics	15
Documentation updates for Fabric OS v7.0.1 and later	16
Chapter 23, Managing Long Distance Fabrics	16
Fabric OS Command Reference	17
In this chapter	17
Documentation Updates for Fabric OS v7.0.1	17
Documentation Updates for Fabric OS v7.0.0	19
Fabric OS Encryption Guide Supporting LKM	23
In this chapter	23
Documentation updates for LKM	23
Chapter 3, Configuring Brocade Encryption Using CLI	23
Failover/failback policy configuration	23
Chapter 5, Best Practices and Special Topics	23
Key Vault Best Practices	23
Chapter 6, Maintenance and Troubleshooting	23
Manually synchronizing the security database	23
Fabric OS Encryption Guide Supporting RKM	25
In this chapter	25
Documentation updates for RKM	25
Chapter 2, Encryption configuration using the Management application	25
Disk device decommissioning	25
Chapter 3, Configuring Brocade Encryption Using CLI	26
Failover/failback policy configuration	26
Chapter 5, Best Practices and Special Topics	27
Key Vault Best Practices	27
Chapter 6, Maintenance and Troubleshooting	27
Manually synchronizing the security database	27
Fabric OS Encryption Guide Supporting SKM and ESKM	29
In this chapter	29
Documentation updates for SKM	29
Chapter 3, Configuring Brocade Encryption Using CLI	29
Failover/failback policy configuration	29
Chapter 5, Best Practices and Special Topics	29
Key Vault Best Practices	29
Chapter 6, Maintenance and Troubleshooting	29
Manually synchronizing the security database	29
Fabric OS Encryption Guide Supporting TEMS	31
In this chapter	31
Documentation updates for TEMS	31
Chapter 3, Configuring Brocade Encryption Using CLI	31
Failover/failback policy configuration	31
Chapter 5, Best Practices and Special Topics	31
Key Vault Best Practices	31
Chapter 6, Maintenance and Troubleshooting	31
Manually synchronizing the security database	31
Fabric OS Encryption Guide Supporting TEMS	33
In this chapter	33
Documentation updates for TKLM	33
Chapter 3, Configuring Brocade Encryption Using CLI	33
Failover/failback policy configuration	33
Chapter 5, Best Practices and Special Topics	33
Key Vault Best Practices	33
Chapter 6, Maintenance and Troubleshooting	33
Manually synchronizing the security database	33
Fabric OS FCIP Administrator’s Guide	35
In this chapter	35
Documentation updates for Fabric OS v7.0.0 and later	35
Chapter 2, FCIP on the 7800 Switch and FX8-24 Blade	35
Fabric OS MIB Reference	37
In this chapter	37
Documentation updates for Fabric OS v7.0.1	37
Chapter 1, Understanding Brocade SNMP	37
Chapter 4, FE MIB Objects	38
Chapter 5, Entity MIB Objects	39
Chapter 6, SW-MIB Objects	39
Chapter 7, High-Availability MIB Objects	40
Chapter 9, FibreAlliance MIB Objects	40
Chapter 11, FCIP MIB Objects	40
Fabric OS Troubleshooting and Diagnostics Guide	43
In this chapter	43
Documentation updates for Fabric OS v7.0.0 and later	43
Appendix A, Switch Type and Blade ID	43
Documentation updates for Fabric OS v7.0.1 and later	44
Chapter 10, Diagnostic Features	44
Appendix A, Switch Type and Blade ID	44
Fabric Watch Administrator’s Guide	45
In this chapter	45
Documentation updates for Fabric Watch v7.0.0 and later	45
Chapter 1. Fabric Watch	45
Chapter 8. System Monitoring	45
Chapter 9. Fabric Watch configuration using Web Tools	46
Web Tools Administrator’s Guide	47
In this chapter	47
Documentation updates for Fabric OS v7.0.0	47
Chapter 9, Administering Zoning	47
Documentation updates for Fabric OS v7.0.1	47
About This Document	47
Chapter 1, Introducing Web Tools	47
Chapter 2, Using the Web Tools Interface	48
Chapter 6, Managing Ports	48
Chapter 11, Using the FC-FC Routing Service	48
Chapter 14, Administering Extended Fabrics	49
Chapter 15, Routing Traffic	49
Chapter 17, Administering FICON CUP Fabrics	49
Brocade 6510 Hardware Reference Manual	51
In this chapter	51
Chapter 2, Brocade 6510 Installation and Configuration	51
Appendix A, Brocade 6510 Specifications	51
Brocade DCX 8510-8 Backbone Hardware Reference Manual	53
In this chapter	53
Chapter 5, Removal and Replacement Procedures	53
Preparing for the WWN card replacement	53
Brocade DCX 8510-4 Hardware Reference Manual	55
In this chapter	55
Chapter 5, Removal and Replacement Procedures	55
Preparing for the WWN card replacement	55
Brocade DCX Backbone Hardware Reference Manual	57
In this chapter	57
Chapter 5, Removal and Replacement Procedures	57
Preparing for the WWN card replacement	57
Brocade DCX-4S Backbone Hardware Reference Manual	59
In this chapter	59
Chapter 5, Removal and Replacement Procedures	59

Match case Limit results 1 per page

Fabric OS Documentation Updates

53-1002165-05

cryptoCfg

On page 159, modify the description of the

cryptocfg - -reg -KAClogin

parameter as shown and add the

example in the example section:

--reg -KAClogin

Registers the node KAC login credentials (username and password) with the

configured key vaults. This command is valid for the Thales nCipher (TEMS), the

HP SKM, and the TKLM key vaults. This command must be run on each member

node. For key vault configuration procedures, refer to the Fabric OS Encryption

Administrator's Guide for your specific key vault product.

On page 165, add the TKLM key vault to the set of key vaults displayed by the

--show groupcfg

command.

The NCKA key vault is now referred to as TEMS and should be updated in all places where the NCKA

key vault is mentioned.

Use the

--show -groupcfg

command to display encryption group and member configuration parameters,

including the following parameters:

•

Encryption group name: user-defined label

•

Encryption group policies:

Failback mode: Auto or Manual

Replication mode: Enabled or Disabled

Heartbeat misses: numeric value

Heartbeat timeout: value in seconds

Key Vault Type: LKM, RKM, SKM,

TEMS, or TKLM

System Card: Disabled or Enabled

•

• For each configured key vault, primary and secondary, the command shows:

IP address: The key vault IP address

Certificate ID: the key vault certificate name

State: connected, disconnected, up, authentication failure, or unknown.

Type: LKM, RKM, SKM,

TEMS, or TKLM

On Page 173, replace the example for exporting the master key with the example shown:

To export the master key to the RKM key vault:

SecurityAdmin:switch>

cryptocfg --exportmasterkey

Enter passphrase:*******

Confirm passphrase:*******

Master key exported.

Master Key ID: 11:95:82:cd:80:88:41:31:42:dd:c3:5f:d0:a7:95:55

Exported Key ID: 11:95:82:cd:80:88:41:31:42:dd:c3:5f:d0:a7:95:56

fruReplace

This command is no longer supported as of Fabric OS v7.0.0. Refer to the

WWN Card Remove and

Replace Procedure

(53-1000832-05) for information on how to replace a WWN card without this

command.